Content-Length response header
1,732 views
Skip to first unread message
Linus Larsen
Mar 12, 2016, 6:06:50 AM3/12/16
to Google App Engine
Sometime yesterday (10th), our clients started to behave strage. After some investigation it seems like Google decided to remove the Content-Length
header from the http responses. The request / response messages between our clients are actually small protobuf encoded binary messages, using
Content-Type: application/octet-stream, and this has worked flawless uptil now.
Ok, we thought we just set the clients to use HTTP1.0, since Content-Length header is mandatory in 1.0. But that didn't help we still don't get any
Content-Length IMO this GAE behavior breaks GAE and HTTP1.0 compability.
So, why is the Content-Length header missing? It was there before but has been removed, why wasn't we informed?
Nickolas Daskalou
Mar 12, 2016, 9:28:12 AM3/12/16
to Google App Engine
Hi Linus,
Do you have a public URL we can test?
Nick
--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-appengi...@googlegroups.com.
To post to this group, send email to google-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/2d8c8dbb-8f93-4935-84ea-2bcc2f86de9f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Linus Larsen
Mar 12, 2016, 10:39:39 AM3/12/16
to Google App Engine
It's a bit problematic, since we have our own CA cert and our clients sends encrypted packages (besides SSL). However these headers are
what we get using http 1.0:
localhost:~$ curl -0 -I --cacert ~/cert/rootCA/rootCA.crt https://outlet.epspot.com/services/secure_outlet/hello
HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 12 Mar 2016 14:48:56 GMT
Server: Google Frontend
Alt-Svc: quic=":443"; ma=2592000; v="31,30,29,28,27,26,25"
This is what the clients are using (http POST)
HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sat, 12 Mar 2016 14:48:56 GMT
Server: Google Frontend
Alt-Svc: quic=":443"; ma=2592000; v="31,30,29,28,27,26,25"
This is what the clients are using (http POST)
HTTP/1.0 200 OK
Content-Type: application/octet-stream
Date: Sat, 12 Mar 2016 14:26:55 GMT
Server: Google Frontend
Cache-Control: private
Alt-Svc: quic=":443"; ma=2592000; v="31,30,29,28,27,26,25"
Accept-Ranges: none
Vary: Accept-Encoding
Content-Type: application/octet-stream
Date: Sat, 12 Mar 2016 14:26:55 GMT
Server: Google Frontend
Cache-Control: private
Alt-Svc: quic=":443"; ma=2592000; v="31,30,29,28,27,26,25"
Accept-Ranges: none
Vary: Accept-Encoding
Using HTTP1.1 we get no Content-Length as well, however Content-Length were present before yesterday.
/ Linus
Nicholas (Google Cloud Support)
Mar 18, 2016, 4:35:36 PM3/18/16
to Google App Engine
According to this article, the 'Content-Length' and 'Transfer-Encoding' headers are remove from responses your application may serve. Those headers are then added by the Google Front End and finally, the response is served.
- Request headers
- Runtime specs (Java, Python, PHP, Go, MVM)
- Code sample of your request handler
- Does this occur with all your modules/versions?
- If you deploy a 'Hello World', do you also get responses without these headers?
- Is their any proxy between the Google Front End and the client that might be removing these headers?
Any information you can provide to more effectively diagnose or reproduce the issue would be very helpful.
Linus Larsen
Mar 21, 2016, 6:14:27 PM3/21/16
to Google App Engine
FYI, we are using JAVA and no proxies in between. There is no problem doing a ordinary GET with curl or browser, the Content-Length header is there.
I think this issue has to do with SSL. We have a custom domain, our own root certificate, and a dispatch.xml routing the traffic. Previous I posted an example
request for a "Hello World" request:
localhost:~$ curl -0 -I --cacert ~/cert/rootCA/rootCA.crt https://outlet.epspot.com/services/secure_outlet/hello
Obviously I cannot post our root certificate here, but it should give you an indication where the problem might be. As a mentioned before our real clients
is using POST and binary encoding, but it does't seem to matter, Content-Length header is missing.
/ Linus
Nicholas (Google Cloud Support)
Mar 23, 2016, 4:22:53 PM3/23/16
to Google App Engine
Thanks for the additional information. I'll attempt a little further to reproduce the issue and reach out if I require additional information. I will get back to you either way within the next few days.
On Saturday, March 12, 2016 at 6:06:50 AM UTC-5, Linus Larsen wrote:
Nicholas (Google Cloud Support)
Mar 25, 2016, 5:29:45 PM3/25/16
to Google App Engine
I cannot reproduce this behavior on my side. All of my own applications serve responses with either the Content-Length header or the Transfer-Encoding: chunked with and without SSL. In addition, the URL you provided also always serves responses with one of those headers. More accurately, the Google Front End has always been serving responses with said headers. I suspect the headers might be stripped elsewhere.
Could you provide a code sample of the client getting the responses? Perhaps a local library is stripping headers or performing some other changes behind the scenes.
On Saturday, March 12, 2016 at 6:06:50 AM UTC-5, Linus Larsen wrote:
Reply all
Reply to author
Forward
0 new messages